feat: integrate Snyk workspace scan with Google Gemini Code Assist #583
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit introduces integration between the Snyk Security extension and the Google Gemini Code Assist extension, enabling users to trigger workspace scans directly from the Gemini chat interface. Key changes: - **MCP Server Communication:** The Snyk Language Server (LS) now communicates the MCP server URL which triggers connecting to the Gemini Code Assist extension. - **Gemini Chat Handler:** A new chat handler is registered with Gemini, which is triggered when the user's chat message includes `/scan`. - **Workspace Scan Execution:** The chat handler executes the `snyk.executeMCPToolCall` command, performing a Snyk workspace scan. - **Result Delivery:** The scan results are formatted as markdown and sent back to Gemini for display to the user. - **Command Registration:** The `/scan` command is added to the Gemini command list for discoverability. - **Error handling:** A try catch was added to avoid crashing if there is an error. - **Listener placement:** Moved the registration of the listeners to be before the Language Server is started. This feature allows users to perform Snyk security scans in a more conversational and integrated manner within their development workflow.
**Explanation:** The change is very simple: * **`let vscode = acquireVsCodeApi();`** is changed to **`const vscode = acquireVsCodeApi();`** **Why this change is made:** The original code used `let` to declare the `vscode` variable. However, the `acquireVsCodeApi()` function is meant to be called once, and the returned object (the VS Code API) is intended to be a singleton that's used throughout the script's lifecycle. It's never reassigned. Using `const` is better practice here because: 1. **Immutability:** It explicitly states that the `vscode` variable will not be reassigned after initialization. This makes the code easier to reason about and helps prevent accidental modification of the API object. 2. **Readability:** `const` clearly communicates the intent that `vscode` is a constant reference to the VS Code API. 3. **Strictness:** it ensures the variable is not accidentally reassigned later, making it safer. In essence, this is a minor improvement for code clarity, maintainability, and safety. It does not change the functionality.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This commit introduces integration between the Snyk Security extension and the Google Gemini Code Assist extension, enabling users to trigger workspace scans directly from the Gemini chat interface.
Key changes:
/scan.snyk.executeMCPToolCallcommand, performing a Snyk workspace scan./scancommand is added to the Gemini command list for discoverability.This feature allows users to perform Snyk security scans in a more conversational and integrated manner within their development workflow.
Checklist
Screenshots / GIFs
Visuals that may help the reviewer. Please add screenshots for any UI change. GIFs are most welcome!